Skip to content

Pull requests: SigmaHQ/sigma

New pull request New
77 Open 4,436 Closed
77 Open 4,436 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Potential Binary Impersonating Sysinternals Tools Rules Windows Pull request add/update windows related rules
#5264 opened Apr 14, 2025 by swachchhanda000 Loading…
new: Suspicious Process Spawn by CentreStack Portal AppPool Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5263 opened Apr 11, 2025 by RG9n Loading…
4
feat: Suspicious CrushFTP Child Process Emerging-Threats Rules
#5261 opened Apr 10, 2025 by swachchhanda000 Loading…
1
Sigma rules to detect CVE 2025 29824 and susp BLF File Creation Emerging-Threats Rules Windows Pull request add/update windows related rules
#5260 opened Apr 10, 2025 by swachchhanda000 Loading…
Introduce versions of rules for K8s audit log format Rules
#5259 opened Apr 9, 2025 by kelnage Loading…
Add a missing mitre tag to one rule Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5258 opened Apr 9, 2025 by david-syk Loading…
3
feat: Security Event Logging Disabled Via MiniNt Registry Key Rules Windows Pull request add/update windows related rules
#5257 opened Apr 9, 2025 by swachchhanda000 Loading…
Add rule to detect activation of a Wi-Fi hotspot on Ubuntu systems via NetworkManager, based on syslog. Linux Pull request add/update linux related rules Rules
#5255 opened Apr 7, 2025 by rahulisationn Loading…
1
Add rule to detect makecab staging of LOLBins Rules Windows Pull request add/update windows related rules
#5254 opened Apr 4, 2025 by alexegorov1 Loading…
1
New Rules : PowerShell Console History File Access - file_access + proc_creation Rules Windows Pull request add/update windows related rules
#5253 opened Apr 4, 2025 by EzLucky Loading…
Modify proc_creation_win_ping_hex_ip.yml to look for hexidemical strings using regex Rules Windows Pull request add/update windows related rules
#5251 opened Apr 2, 2025 by vasquja Loading…
1
Archive New Rule References
#5250 opened Apr 1, 2025 by github-actions bot Loading…
Promote Older Rules From experimental to test
#5249 opened Apr 1, 2025 by github-actions bot Loading…
Added more generic potential HKCU CLSID COM hijacking rule Rules Windows Pull request add/update windows related rules
#5248 opened Mar 29, 2025 by grimlockx Loading…
1
Added more extensions that could be suspicious for Startup Folder Rules Windows Pull request add/update windows related rules
#5246 opened Mar 27, 2025 by swachchhanda000 Loading…
Rules for Rustdesk Rules Windows Pull request add/update windows related rules
#5245 opened Mar 27, 2025 by frack113 Loading…
Potential ClickFix Execution Pattern - Registry Rules Windows Pull request add/update windows related rules
#5244 opened Mar 25, 2025 by swachchhanda000 Loading…
1
Discovery via registry queries detection Rules Windows Pull request add/update windows related rules
#5243 opened Mar 24, 2025 by xlazarg Loading…
1
Create win_system_possible_ipv6_dns_takeover.yml 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5242 opened Mar 22, 2025 by NinnessOtu Loading…
2
Addded rule for LNK Command-Line Padding with Whitespace Characters Ready to Merge Rules Windows Pull request add/update windows related rules
#5240 opened Mar 19, 2025 by swachchhanda000 Loading… Sigma-March-Release
Add esentutl.exe in potential browser data stealing Ready to Merge Rules Windows Pull request add/update windows related rules
#5239 opened Mar 19, 2025 by swachchhanda000 Loading… Sigma-March-Release
1
Added AntiSpywareProduct class enumeration Ready to Merge Rules Windows Pull request add/update windows related rules
#5234 opened Mar 17, 2025 by swachchhanda000 Loading… Sigma-March-Release
Create azure_ad_cross_tenant_b2b_collab_signin.yml Rules
#5233 opened Mar 15, 2025 by whichbuffer Loading…
Create azure_ad_cross_tenant_user_provisioning.yml Rules
#5232 opened Mar 15, 2025 by whichbuffer Loading…
Added rule to detect clearing of event logs via dotnet class Ready to Merge Rules Windows Pull request add/update windows related rules
#5228 opened Mar 12, 2025 by swachchhanda000 Loading… Sigma-March-Release
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.